外文翻译ASP的开发准则及安全管理.docx

外文翻译ASP的开发准则及安全管理.docx

《外文翻译ASP的开发准则及安全管理.docx》由会员分享，可在线阅读，更多相关《外文翻译ASP的开发准则及安全管理.docx（10页珍藏版）》请在冰豆网上搜索。

外文翻译ASP的开发准则及安全管理

附录

外文原文：

Theexploitationcriteriaandsecuritymanagementoftheasp

Exploitationcriteria:

Applicationservershavebeen,orultimatelywillbeusedinWebserver,whichusuallyoperateintheIISASPpagecomputer.ASPistheonlyobjectofyourclient.Itoffersspecializedsystemsandsecurityconsiderations.WhilemanyoftheWebsitesuseASPsimplynotcomponents,butinthisarticlethatASPistheInternetasabridgebetweentheclientandcomponents.ThefollowingASPcomponentsGuidelines（English）:

ASPandthedivisionofservicesbetweencomponents

ASPserverinthemostcommonlyusedbuildingfortheclienttouseHTMLorXMLdocuments,sowefocusedontheuseoftheprogram.Thisleadstoacommonproblem,ifASPpageontheserver,thentheyarepartoftheoperationallevel?

Componentsintheworld,theanswerusuallyisnot.AlthoughtheASPserverisinoperation,butmayberelatedtospaceapplicationsinthesameserver,butitcannotmakeitapartofthebusinesslogic.Withuserinterfacedevelopmenttool,orastheopeningofmorebusinesstooperationalprogramswiththecleardistinctionwillbetremendousreturns.

Letuslookatsomeofthemostimportantoperationallevelandthatleveldivisionguidelines:

SeparationoftheUIcodeandbusinesslogic.ThisincludespreparationcoupledwiththeUIcode,suchastheuseofASPcomponentsMTSinternaltargetitwiththebusinesslogiccodeseparation,asinadifferentDLL.

affairwillbeseparatedwiththeASPpage.ServicesASPincertaincasesbeyondcompare,butthecomponentsandmulti-storeyapplicationswillchangethissituation.Componentsshouldnotbedependentontheclientlayertomanagetheiraffairsandbusinesslogicsemantics.

Willbeexpressedcomponents（usesolicitandresponsivecomponents）andWebserveronthesamemachineand/ortenor.IftheuseofASPinternalcomponentsofthetargetobjectsonremotemachines,thenalloftheinternalcomponentswillbeavailableinretailform.ServerclientaccessisCOM+server,whichsignificantlyreducedtheperformanceandsecurityofcomplicated.ThesemarkingswillbelayinCOM+applicationsmarkas"libraryactivated".

ASPexistinserver,ASPpagesmustbeconsistentwithresourcesharingrules,andremembertoflexibility.Lookatthefollowingdetails:

Inthe"conversation",managementshouldavoiduserspecificstate.KeepASPstatelessandwherepossibletoallowresourcespool.

Modeoperation:

Inevaluatingwhetheracodeofbusinesslogiclayerorexpressed,mayIaskmyself:

"IfIhavetouseclick-phoneapplicationstoreplacemyASPpage,thenthecodearethere?

inter-ideograph;MARGIN:

0cm0cm0pt;TEXT-ALIGN:

justify">"Iftheansweris"yes",thenitcouldtrytobusinesslogiccodeintomachinecodeoruserinterfacetohelp.

Ifchangedaftertheclientcodecannotbeused,orifitisconstructedwiththehelpoftheuserinterface,thecodeisexpressedserviceslayer.ItASPpage,orintheinternalcomponentsused

ASPcomponents.Itdoesnotbelongtotheoperationaltargetsofcomponents.UnderstandingofthedistinctionbetweendesktopandASPclient

Itwasmodularincumbentengine，differenttable'stop'traditionunilineranwin32applicationfromthatasp.Keydistinctiongeneralizeasfollows:

Threadmanagement:

ASPisamulti-clientthreads.Thismeansthatitcanhavemanyactivitiesintheoperation,perhapsatthesametimedealingwithdifferentASPpage.Thisshowsthatitisnottheonlypseudo-objectstoexclusivesystemusers.Thismaybeunexpectedreactions,forexample,intoabadhabit:

theobjectstoredinASPapplicationvariablesorconversation.

Securityenvironment:

ASPistheWebsiteoftheInternetInformationServices5.0implementation,alow,medium,highthreeseparatedegrees.TheWebsitecanevenhavedifferentsecuritysetup,orrefusetoallowanonymousaccess,forcustomerandsoon.Allthesehavegeneratedalotofprograms,namely,theuseofdifferentend-useraccountisyourobject.

Easyrose:

Thisisnotatechnicalissue,butWebapplicationsprovidefacilitiesDeputyeffect.Traditionally,theincreaseinuserbasefordesktopapplications,thenumberofrequestscarefullyplannedwellknowntotheclienttransferred.ASPhaschangedtheprocessinmotionandoperational,ASP-VisualBasicapplicationscanbeconvenientlyopenedforlocalorworldwideforallstaff,allbusinesspartnersandcustomersalluse.Thisapproachcanbeusedtodescribe-ownedsuperlinksindividuale-mailuserscanmakeatenfoldincreaseinthebase.Toprepareforyourapplications?

TheonlywaytounderstandtheintensityofWebsitesfortestingtoobtaintheexpectedvalueoftheactualperformance.Detailedinformationontheintensityofthetest,pleaserefertothe"applicationlifecycle"section.

IntheuseofVisualBasicASPshouldtarget?

Inthecontextoftheestablishmentandabolitionofpagesofyouraudience.Inotherwords,asfaraspossiblesothatnostateASPpagesonlyinastateofdependenceconversationortemporaryapplicationsvariables.NottotargetstorageapplicationsinEnglishorvariables.ThiswilllockinyourconversationASPsystems,theexpectedvalueofflexibilitymaycancelall.Inotherwords,theWebservershandlenomorethanafewdozensofusers.Ifrequired,inEnglishorapplicationsstoredcontent,pleaseturnitintothedataratherthanobjects.Therearemanyothercriteriacanbeobserved.WerecommendthatyoureadMSDNVoices,.J.D.Meiercomposethecolumn"Servin

yes">ItUp."

Thecolumnincludesalotoftechnology,practiceandskillsdevelopmentcancontributetotheexpansionandreliableASPcomponentsandapplications.

NottobequotedorapplicationsmemoryatconversationalltheinsertedobjectcomponentsareVisualBasic6.0"cellthread",thatistosaytheyareoperatingintheIntermodule.Thismeansthatifthethreadestablishedtargets,thentheobjectofallresourcesmustusethesamethreads.Manythreads（fromitWebsiteusers）usethesameexamplesAgencytargets,raisesaseriesofactivities,theapplicationprocessmaybecomebottlenecks.

Inaddition,inconversationwithServer.CreateObjectstoredwithintheobjectSTAtobeimplementedthreadscanbeeffectivelylinkedtothecurrentuser,thusitwillbethelargestapplicationstogiveusersafewrestrictionsthe20xN（N=numberofprocessors）.

Modeoperation:

Ifyouaccordingtooursuggesttotakeobjectstateless,arenotusedforstorageofaclient,andstoredinthecontextoftheirapplications.Clientwillbeabletoestablishanindependent,useandcancellationoftheirowntarget.Thisreducestheneedformaintainingconversation-becausetheydonotretaintheskillsuniquetothestate.Recommendedapproachistotargetastate,itneedsadatabaseorotherstorageareatovisit（suchascookiesandLDAP）.IfapplicationsrequiretheuseofEnglishorthescopeofthedata,thedatashouldinsteaddealwiththesubjectofdatastoredinit.Thedisposeoftheyoucouldbeginonegenera，cameencapsulationversusdesirablevalue.

ASPsecuritymanagement:

Thebasicconceptofsecuritymanagement

SafetymanagementisbasedoninformationandASPsolutiontomanagethesecuritystrategyhassetthesecurityleveldefinitionprocess.Includingmanagementoftheresponsetoviolationsofthesecurityact.ASPcanbecontrolledwithoutfearofattackandASPclientsbusinesscontinuity,sotobeabletodealwithmaliciousattackscouldreallyanart.

Safetymanagementinlargemeasuredependentonthesecuritystrategy.Thesestrategiescouldproducefromdifferentsources.Tobeconsideredwhendesigningsecuritystrategyare:

ServicelevelagreementonthedefinitionofexternalcustomerneedsexternalsecuritylawrequiresexternalsupplierswithintheASPsecuritystrategyandsecuritystrategyintheASPenvironmentintegratedcustomercircumstances,theinternal/externalsecuritystrategy,Foreachsolution,ASPmustbedefinedsecuritystrategy.ThestrategyshouldbebasedonthevariousaspectsofthemostreliableHop.Accordingtocustomerneeds,andeventhebasicstructurewillbeverydifferentdesign.Usuallyusethreesafetydesign:

Thededicatednetworkjointofthebothaspsolutionandsafetyprecautionscompletenessbyaspproceedend-to-endControlusually，thesepurportaspversusproprietarybasicstructuresubassemblypossessfullcontrol，includeaspandclientofcompartment.

Public:

ASPsolutionsandsecuritymeasuresbyASPcomponentcontrol.Usually,thismeansthatwithintheASPisincontrolofitsownwebsite,butdoesnotguaranteetoprovidesolutionstothepublicnetworkwithcontrol.However,theASPcanbeusedas"virtualprivatenetwork"（VPN）tocarryoutsuchtechnicallinksbetweenASPandclientsecurity.

Mixed:

thesolutionisacombinationoftheprevioustwo."dedicated"and"common"solutionsareused.Inensuringsecuritysolutions,andalsoinvolvesASPcustomers.

TherearefivedimensionsoftheprocessneededtoimprovetheMOFmodel:

planning:

planningactivitiesincludingincustomerrequirements,aswellasinternalandexternalstrategiesbasedonthelegitimatedemandsoftheSLAsecuritycomponent.Inadialoguewithclientsatthesametime,itmaybenecessarytoestablishoradjustinternalsecuritystrategy.OfcourseweshoulddecidewhethertodosobytheASP.Thisresultedinalevelofsecurityplanning,includingallaspectsofthesecuritystrategyanddesign（infrastructure,personnel,steps,theenvironment,basiccontracts,etc.）.

Implementation:

Putstratificationplanee